Generally protection of data stored in a pluggable flash storage device is of growing importance. The pluggable flash storage device consists of flash memory data storage device integrated with a Universal Serial Bus (USB) which is typically removable and rewriteable. The pluggable flash storage device is generally used for persistent cache offload for storage area network (SAN) controllers in SAN array. In cases when the storage controller restarts or losses power, the storage controller immediately flushes the cached data to the pluggable flash storage device. In addition, the pluggable flash storage device also stores data like metadata, code images, diagnostic data such as core files and log files, and extended diagnostics associated with the storage controller.
FIG. 1 illustrates a conventional SAN array 100 comprising storage controller, pluggable flash storage device and related modules.
The SAN array 100 (alternatively referred to as system 100) comprises a User IO request queue 102, storage controller 104, IO Engine 106, configuration setting and metadata cache 108, IO buffer 110 and pluggable flash storage device 112 (interchangeably referred to as storage device 112). The system 100 receives a request for read/write operation from/in the storage device 112. The request is made by the user or by the storage controller 104. The user IO request queue 102 receives and stores the request in the order of receipt and forwards the request to the storage controller 104 for further processing.
The storage controller 104 receives the request from the user IO request queue 102 and instructs the IO engine 106 to perform the requested read/write operation from/to the storage device 112. In case of write operation, the IO buffer 110 buffers the data to be written into the storage device 112 and the IO engine 106 retrieves the buffered data from the IO buffer 110 before writing the data. In case the storage controller 104 restarts or loses power and if the user or the storage controller 104 had searched for configuration and metadata including controller firmware image with configuration setting, Metadata, Diagnostic data such as core files and log files, and extended diagnostics of storage controller stored at configuration setting & metadata cache 108, then the storage controller 104 instructs the IO engine 106 to flush the data of configuration setting & metadata cache 108 to the storage device 112.
If the storage device 112 is plugged into the system 100 after the storage controller 104 restarts, the storage controller 104 searches for data of configuration setting & metadata in the configuration setting & metadata cache 108 and extracts the required data from the storage device 112. The storage controller 104 also extracts any other required data provided by the user to set or modify the system 100. After extracting the required data from the storage device 112, the extracted data is stored into the configuration setting & metadata cache 108 and the storage controller 104 is reconfigured based on the stored data. Once the reconfiguration is complete, the storage controller 104 resumes its operation. However, in case of unauthorized user access made to the storage device 112 bad data or malware or virus could be inserted to the storage device 112. Further, in case hacking of the storage device 112 is done by unauthorized user, then the stored data may be damaged. In both cases, the result would be catastrophic and the storage controller 104 would start malfunctioning, or undergo crash or could hang up.
Therefore, there is a need for a method and system to establish a secure communication during read/write operation, to restore session in case of it being interrupted during the session and to provide secured access to the storage device, overcoming the above mentioned limitations.